diff --git a/nftnl/src/expr/log.rs b/nftnl/src/expr/log.rs
new file mode 100644
index 0000000..9f2f052
--- /dev/null
+++ b/nftnl/src/expr/log.rs
@@ -0,0 +1,57 @@
+use super::{Expression, Rule};
+use nftnl_sys::{
+    self as sys,
+    libc::c_char,
+};
+
+/// A log expression.
+pub struct Log {
+    group: Option<LogGroup>,
+}
+
+#[derive(Debug, Clone, Copy, Eq, PartialEq, Hash)]
+pub enum LogGroup {
+    LogGroupZero,
+    LogGroupOne,
+    LogGroupTwo,
+    LogGroupThree,
+    LogGroupFour,
+    LogGroupFive,
+    LogGroupSix,
+    LogGroupSeven,
+}
+
+
+impl Log {
+    pub fn new(group: Option<LogGroup>) -> Self {
+        Log { group }
+    }
+}
+
+impl Expression for Log {
+    fn to_expr(&self, _rule: &Rule) -> *mut sys::nftnl_expr {
+        unsafe {
+            let expr = try_alloc!(sys::nftnl_expr_alloc(
+                b"log\0" as *const _ as *const c_char
+            ));
+            if let Some(group) = self.group {
+                sys::nftnl_expr_set_u32(
+                    expr,
+                    sys::NFTNL_EXPR_LOG_GROUP as u16,
+                    group as u32,
+                );
+            };
+            expr
+        }
+    }
+}
+
+#[macro_export]
+macro_rules! nft_expr_log {
+    (group $group:ident) => {
+        $crate::expr::Log::new($group)
+    };
+    () => {
+        $crate::expr::Log::new(None)
+    };
+}
diff --git a/nftnl/src/expr/mod.rs b/nftnl/src/expr/mod.rs
index b4695fb..6bc96eb 100644
--- a/nftnl/src/expr/mod.rs
+++ b/nftnl/src/expr/mod.rs
@@ -60,6 +60,9 @@ pub use self::nat::*;
 mod payload;
 pub use self::payload::*;
 
+mod log;
+pub use self::log::*;
+
 mod verdict;
 pub use self::verdict::*;
 
@@ -71,6 +74,12 @@ macro_rules! nft_expr {
     (cmp $op:tt $data:expr) => {
         nft_expr_cmp!($op $data)
     };
+    (log group $group:ident) => {
+        nft_expr_log!(group $group)
+    };
+    (log) => {
+        nft_expr_log!()
+    };
     (counter) => {
         $crate::expr::Counter
     };